Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
File:                     8AI84rpaHU_QpeIn3nTLxB0rucg.mft (raw, json)
Hash identifier:          /fMVtnF/1WC/xeH/prXEAII+eLBl2Rdk5hOJbyopdas=
Subject key identifier:   DC:E7:07:10:53:E9:F0:80:39:2A:0F:BE:97:57:27:F9:1D:19:D5:AB
Authority key identifier: F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8
Certificate issuer:       /CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
Certificate serial:       019874501166DB3FFCADF35AEEFC6E7C0A9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
Manifest number:          1360
Signing time:             Mon 04 Aug 2025 09:01:01 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:01 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:01 +0000
Files and hashes:         1: 8AI84rpaHU_QpeIn3nTLxB0rucg.crl (hash: uNXJT4N7lf5gyDlyGqlFv48haGQiAFz0tyvQT6Oyjio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:11:66:db:3f:fc:ad:f3:5a:ee:fc:6e:7c:0a:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
        Validity
            Not Before: Aug  4 09:01:01 2025 GMT
            Not After : Aug  5 09:01:01 2025 GMT
        Subject: CN=dce7071053e9f080392a0fbe975727f91d19d5ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f1:40:38:53:46:82:42:35:af:35:03:1c:57:
                    18:a0:88:70:fd:91:c1:6e:7b:67:57:1b:7a:d8:53:
                    c2:e1:24:a3:5f:20:b2:56:46:4d:df:c1:03:59:03:
                    29:c2:85:3a:62:49:56:a9:3c:ef:68:6d:f2:9a:3e:
                    41:08:79:ef:95:11:df:da:04:2f:9f:be:e2:1a:bd:
                    b6:36:cb:ae:9e:60:dd:7d:8e:52:86:2a:ec:4a:9f:
                    e1:c3:d9:7c:9d:3e:e9:f9:11:b7:ff:e5:ce:20:8b:
                    62:84:5b:6b:4e:6f:34:c4:90:f3:75:67:d7:1f:99:
                    4c:6e:d2:bd:83:2d:37:68:d3:e8:7c:c1:af:c8:da:
                    ea:b0:21:de:20:cb:ce:a5:0f:52:03:46:ca:1b:49:
                    b6:f5:1e:54:f7:46:a5:1f:38:ca:f2:96:5b:bb:8d:
                    55:6d:5d:30:03:12:1b:25:d1:e2:e4:d7:f2:4e:7a:
                    33:03:81:81:08:dd:61:fa:fd:72:1e:e5:94:a7:e4:
                    49:d0:49:08:a1:2d:a2:54:ab:ea:98:c5:f1:9a:11:
                    25:44:7e:fd:d2:5d:bd:5f:4b:ba:2b:e9:f8:19:ab:
                    b3:4a:9e:39:9f:f0:5e:3d:a1:1a:6a:16:fa:1f:09:
                    1a:ad:47:31:d3:32:22:ea:eb:fa:c3:7f:53:15:bd:
                    7f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:E7:07:10:53:E9:F0:80:39:2A:0F:BE:97:57:27:F9:1D:19:D5:AB
            X509v3 Authority Key Identifier:
                keyid:F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:e3:05:d4:0a:a1:1d:a8:6e:96:b9:76:82:62:2a:41:bb:2a:
         46:86:eb:6a:69:83:42:9d:aa:da:7a:55:51:10:92:a8:a3:66:
         48:43:b8:8f:18:eb:8e:79:b6:a2:eb:e8:a0:be:54:ed:82:79:
         5b:7e:53:40:a7:6d:d2:dc:6a:68:05:29:6f:63:5b:ac:97:43:
         4d:f2:c6:e7:46:78:d9:30:53:77:75:f3:12:ef:f9:d5:c1:47:
         3c:58:de:6e:51:aa:2f:0d:eb:7c:36:b2:72:42:2d:33:bb:cb:
         24:e3:03:52:2c:4c:b6:97:60:87:75:c2:81:c5:7b:82:d2:df:
         1e:7e:61:38:b1:8d:fe:32:2e:cb:ce:22:71:4c:53:b6:15:cb:
         26:11:c2:33:78:d7:ea:69:1f:8a:29:1f:06:dc:d6:2d:9c:8f:
         23:e9:ff:a5:f7:40:8f:8c:1d:e6:a2:f2:e8:cf:4b:70:11:6e:
         8d:3d:cf:b8:05:34:6f:01:ec:ad:0b:63:bd:a7:f3:9a:81:63:
         5c:b9:a1:ed:b1:4d:dd:24:94:9c:24:d1:f9:ff:44:0f:30:22:
         db:96:51:2b:69:2f:9b:26:ca:3c:11:de:32:c4:0d:02:2e:4a:
         5d:12:ff:6b:67:3d:a5:74:27:95:99:fb:dd:d7:48:01:00:6c:
         d0:a9:ae:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UBFm2z/8rfNa7vxufAqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMDIzY2UyYmE1YTFkNGZkMGE1ZTIyN2RlNzRjYmM0MWQy
YmI5YzgwHhcNMjUwODA0MDkwMTAxWhcNMjUwODA1MDkwMTAxWjAzMTEwLwYDVQQD
EyhkY2U3MDcxMDUzZTlmMDgwMzkyYTBmYmU5NzU3MjdmOTFkMTlkNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvFAOFNGgkI1rzUDHFcYoIhw/ZHB
bntnVxt62FPC4SSjXyCyVkZN38EDWQMpwoU6YklWqTzvaG3ymj5BCHnvlRHf2gQv
n77iGr22NsuunmDdfY5ShirsSp/hw9l8nT7p+RG3/+XOIItihFtrTm80xJDzdWfX
H5lMbtK9gy03aNPofMGvyNrqsCHeIMvOpQ9SA0bKG0m29R5U90alHzjK8pZbu41V
bV0wAxIbJdHi5NfyTnozA4GBCN1h+v1yHuWUp+RJ0EkIoS2iVKvqmMXxmhElRH79
0l29X0u6K+n4GauzSp45n/BePaEaahb6HwkarUcx0zIi6uv6w39TFb1/1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNznBxBT6fCAOSoPvpdXJ/kdGdWrMB8GA1UdIwQY
MBaAFPACPOK6Wh1P0KXiJ950y8QdK7nIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzIt
ZWJkNjlkNzczNGYwLzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzItZWJkNjlkNzczNGYw
LzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU+MF1Aqh
Hahulrl2gmIqQbsqRobrammDQp2q2npVURCSqKNmSEO4jxjrjnm2ouvooL5U7YJ5
W35TQKdt0txqaAUpb2NbrJdDTfLG50Z42TBTd3XzEu/51cFHPFjeblGqLw3rfDay
ckItM7vLJOMDUixMtpdgh3XCgcV7gtLfHn5hOLGN/jIuy84icUxTthXLJhHCM3jX
6mkfiikfBtzWLZyPI+n/pfdAj4wd5qLy6M9LcBFujT3PuAU0bwHsrQtjvafzmoFj
XLmh7bFN3SSUnCTR+f9EDzAi25ZRK2kvmybKPBHeMsQNAi5KXRL/a2c9pXQnlZn7
3ddIAQBs0Kmu4g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:04 2025 by rpki-client